A simple command-line script to check expiry dates for your ssl certificates.


Source

~/.functions

function check_site_ssl () {
    red=`tput setaf 1`
    green=`tput setaf 2`
    reset=`tput sgr0`

    ifs=$IFS
    IFS=$'\n=' # ' comment to avoid pygments bug!

    echo -ne "$1 ... "
    dates=`echo | openssl s_client -connect "$1":443 2>/dev/null | openssl x509 -noout -dates`

    read x d1 y d2 <<< $(tr '\n' '=' <<< $dates | rev | cut -c 2- | rev)

    today=$(date +"%Y%m%d")
    todate=$(date -jf "%b %d %T %Y GMT" "$d2" +"%Y%m%d")
    fromdate=$(date -jf "%b %d %T %Y GMT" "$d1" +"%Y%m%d")
    days=$(expr '(' $(date -jf "%b %d %T %Y GMT" "$d2" +"%s") - $(date +"%s") ')' / 86400)" days"

    if [ $todate -ge $today ] && [ $today -ge $fromdate ]; then
        echo "${green}$days until expiry!${reset}";
    else
        echo "${red}✗ expired $days ago!${reset}";
    fi

    IFS=$ifs
}

function check_ssl () {
    if [ "$#" -eq 1 ]; then
        check_site_ssl "$1"
    elif [ -f ~/.ssl_sites ]; then
        for site in `cat ~/.ssl_sites`; do
            check_site_ssl "$site"
        done
    fi
}

~/.ssl_sites

google.com
facebook.com
twitter.com
youtube.com

Usage

check_ssl

google.com ... ✓ 71 days until expiry!
facebook.com ... ✓ 213 days until expiry!
twitter.com ... ✓ 652 days until expiry!
youtube.com ... ✓ 71 days until expiry!

check_ssl mail.google.com

mail.google.com ... ✓ 71 days until expiry!

Based on openssl binary. Uses date, cut, read, tput, expr commands. Tested on OS X.